Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google      Sign In   
  • Create Account

Subscribe to HRA Now!

 



Are you a Google Analytics enthusiast?

Share and download Custom Google Analytics Reports, dashboards and advanced segments--for FREE! 

 



 

 www.CustomReportSharing.com 

From the folks who brought you High Rankings!



Photo
- - - - -

Problem With Mysql Server


  • Please log in to reply
6 replies to this topic

#1 seo_bright

seo_bright

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 292 posts

Posted 16 September 2009 - 04:12 AM

The site uses PHP and MySQL. It was working fine till today morning. I am unable to view the control panel database and tables. Also the site is not able to do any submission of forms or viewing of the reports. I cannot guess what could be the problem when it had worked fine till yesterday. I am able to login however and forms with drop down menus are displayed, but I am unable to submit it or view the reports.

Edited by seo_bright, 16 September 2009 - 05:33 AM.


#2 1dmf

1dmf

    Keep Asking, Keep Questioning, Keep Learning

  • Active Members
  • PipPipPipPipPipPipPip
  • 2,160 posts
  • Location:Worthing - England

Posted 16 September 2009 - 05:52 AM

Is it hosted , shared or dedicated? external or inhouse?

Do you use myPHPAdmin ?

How are the reports generated, what software?

They haven't just updated Plesk by any chance have they lol.gif



#3 Jill

Jill

    Recovering SEO

  • Admin
  • 32,919 posts

Posted 16 September 2009 - 11:19 AM

Try to restart your mysql server (or ask your host to).

#4 seo_bright

seo_bright

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 292 posts

Posted 17 September 2009 - 01:47 AM

1dmf,
We are hosting the site but might be it is shared. I am not clear about this.
We use phpMyAdmin.
We edit php files in Dreamweaver.

Jill,
Would the data be sucured if we restart it? As it is a large database and uses the online for all their works.

PS:
The site had been recently hacked and we removed the malware from a few files and uploaded after which it worked fine. However we have changed the FTP and database passwords since then.

Would it be the problem with regard to the service provider? I am confused as data is available but not able to run queries and operations on it. When I login to cPanel I am unable to view the tables, structure and data. A message displays asking for permission to view secure and non secure items to display and then an empty page with Action Canceled or Page not displayed.




#5 Randy

Randy

    Convert Me!

  • Moderator
  • 17,540 posts

Posted 17 September 2009 - 06:59 AM

I would be concerned about the things that may have been changed during the recent hack myself. Hopefully you have a back up copy of everything. If you do I'd want to run a DIF type of comparison between the files now one the site and what those files looked like in their original state. Or at the very least look at the modification date of each and every file on the server to make sure you got all of the hack stuff out of there.

You should also routinely create back ups of your database if it's important to you. Most hosts don't do this for you, unless you're paying extra for a back up service. Personally I use a little php-based database dumping script I created some time ago that I then connect to a cron job so that it runs automatically to back up and compress my databases a few times per week. Once I start set it up and start it, everything is 100% automated. I don't even have to go in to remove old db dumps because the script cleans up after itself and can be configured to save as many or few copies as I want. By no means is my little hand rolled script the only one out there. There are literally dozens to choose from, all available for free.

The non-secure mention is something that may point you to something nefarious still in the code somewhere, if you hadn't seen that before. Basically what it's telling you is that you're connecting to a page in a Secure (or https) fashion, but that there is something in the code somewhere that is retrieving a reference in a non-secure (or http) fashion. This can happen if you're pulling an image reference into the page via its full http url. The same can be true if there is a reference to an external javascript file being loaded with the page.

That may or may not be nothing. If it didn't happen before though, I'd want to first track down where and why that's happening. At least that's where I'd start the diagnosis to see if there were still bits of the hack in there somewhere that had been missed during clean up.

#6 seo_bright

seo_bright

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 292 posts

Posted 17 September 2009 - 08:12 AM

Thanks Randy that was great info. But the issue was solved just now. The problem was that a query which run indefinitely and caused the database not to respond. They told the query was killed after which now the site functions properly both viewing and submissions are working and could view the tables and data. But as Randy suggested we need to take back ups as the database is constantly changing everyday.

#7 1dmf

1dmf

    Keep Asking, Keep Questioning, Keep Learning

  • Active Members
  • PipPipPipPipPipPipPip
  • 2,160 posts
  • Location:Worthing - England

Posted 17 September 2009 - 08:37 AM

what was running this query? could it be something to do with the hack?

Like Randy, my biggest concern would be what they did when they hacked in.

They can be quite clever with obfuscating code and injecting it into SQL, simply calling a URL could triger it off again.

Which could be also as Randy suggests relating to this secure/non-secure issue.

If they have dumped some code in your pages, restores can sometime be the only easy and sure fire way of resetting everything back to what it was before the hack took place, so backups are essential.

Also if the server is inhouse and you only access it from inhouse as well as perhaps home with a fixed IP address, then I would lock down access via your firewal for the FTP port if possible to only allow specific IP address.

That's how ours is configured and I only access it via a DES encrypted VPN tunnel just to be sure wink1.gif







0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

SPAM FREE FORUM!
 
If you are just registering to spam,
don't bother. You will be wasting your
time as your spam will never see the
light of day!